mirror of
https://github.com/u-boot/u-boot.git
synced 2024-12-04 01:53:27 +08:00
lib: rsa: add documentation to padding_pss_verify to document limitations
padding_pss_verify only works with the default pss salt setting of -2 (length to be automatically determined based on the PSS block structure) not -1 (salt length set to the maximum permissible value), which makes verifications of signatures with that saltlen fail. Until this gets implemented at least document this behaviour. Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> Reviewed-by: Simon Glass <sjg@chromium.org>
This commit is contained in:
parent
eda753be8a
commit
1a62c23ecf
@ -194,6 +194,19 @@ out:
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*
|
||||
* padding_pss_verify() - verify the pss padding of a signature
|
||||
*
|
||||
* Only works with a rsa_pss_saltlen:-2 (default value) right now
|
||||
* saltlen:-1 "set the salt length to the digest length" is currently
|
||||
* not supported.
|
||||
*
|
||||
* @info: Specifies key and FIT information
|
||||
* @msg: byte array of message, len equal to msg_len
|
||||
* @msg_len: Message length
|
||||
* @hash: Pointer to the expected hash
|
||||
* @hash_len: Length of the hash
|
||||
*/
|
||||
int padding_pss_verify(struct image_sign_info *info,
|
||||
uint8_t *msg, int msg_len,
|
||||
const uint8_t *hash, int hash_len)
|
||||
|
Loading…
Reference in New Issue
Block a user